CVE-2024-23366

6.6 MEDIUM

📋 TL;DR

This CVE describes an information disclosure vulnerability in the Qualcomm mailbox write API: processing an oversized message can leak sensitive data. It affects systems built on vulnerable Qualcomm components and can expose memory contents to an attacker who is able to submit such messages.

💻 Affected Systems

Products:
  • Qualcomm SoCs with vulnerable mailbox implementation
Versions: Specific versions not detailed in reference; check Qualcomm advisory for affected chipsets
Operating Systems: Android, Linux-based systems using Qualcomm components
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability requires specific Qualcomm hardware/software combinations; exact configurations require vendor consultation

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could read sensitive kernel memory, potentially obtaining cryptographic keys, passwords, or other protected data leading to full system compromise.

🟠 Likely Case

Limited information disclosure of adjacent memory regions, potentially exposing system state or partial data structures.

🟢 If Mitigated

No data leakage occurs; system continues normal operation with proper bounds checking.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires the ability to send oversized messages to the mailbox API, which typically requires some level of existing access to the system.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Qualcomm January 2025 security bulletin for specific chipset updates

Vendor Advisory: https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html

Restart Required: Yes

Instructions:

1. Consult the Qualcomm January 2025 security bulletin
2. Identify the affected chipset/component
3. Apply the vendor-provided firmware/software updates
4. Reboot the system

🔧 Temporary Workarounds

Input validation enhancement (applies to: all)

Implement additional bounds checking for mailbox message sizes

🧯 If You Can't Patch

  • Restrict access to mailbox APIs to trusted processes only
  • Implement network segmentation to limit exposure of affected systems

🔍 How to Verify

Check if Vulnerable:

Check system against Qualcomm security bulletin for affected chipset versions

Check Version:

System-specific commands vary by OEM; typically 'getprop' on Android, or chipset-specific diagnostic tools on other Linux-based systems

Verify Fix Applied:

Verify that the installed firmware/software version matches the patched versions listed in the Qualcomm advisory

📡 Detection & Monitoring

Log Indicators:

  • Unusually large mailbox API calls
  • Memory access violations in kernel logs

SIEM Query:

Search kernel logs for entries containing 'mailbox' AND ('overflow' OR a reported message 'size' above the expected threshold)
